Description
HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.
References (4)
Core 4
Core References
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/205766
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10414
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_hp
http://www.securityfocus.com/advisories/6774
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16247
Scores
EPSS
0.0089
EPSS Percentile
75.9%
Details
Status
published
Products (4)
hp/openview_select_access
5.0 patch_4
hp/openview_select_access
5.1 patch_1
hp/openview_select_access
5.2
hp/openview_select_access
6.0
Published
Jul 27, 2004
Tracked Since
Feb 18, 2026